Penetration Testing and Network Defense

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

D.A.D. (disclosure, alteration, and destruction) attacks

D.I.S.C. profile data dictionary

database attacks

     detecting

     tools for performing

databases     Microsoft SQL Server         querying

         structure of     MySQL     Oracle     protecting against attacks

     RDBMSs         vulnerabilities, testing     susceptibility to attacks Datapool DAWN Security Systems, fictitious penetration test of LCN     covering tracks     follow-up

     gaining access 2nd 3rd

     information gathering 2nd     maintaining access     planning the attack

     sample report

     scanning and enumeration

DDoS (Distributed Denial of Service) attacks

DDoSPing tool default SSIDs as security risk

defending against social engineering attacks defining scope of testing 2nd

detecting     backdoor applications     brute force attacks 2nd     database attacks     directory traversals

     DoS attacks

         with appliance firewalls

         with host-based IDSs

         with signature-based network IDSs 2nd

     password-cracking attacks

         from physical access

         within system log files

     scans

     server attacks

     session hijacking

         with Cisco IDS 4200 series sensors 2nd

         with packet sniffers

     Trojans applications

     web attacks         directory traversals

     Whisker attacks

    wireless network attacks

         DoS attacks

         MAC address spoofing         on unprotected WLANs         rogue APs

         unallocated MAC addresses devices 2nd     routers, testing for vulnerabilities     switches

         testing for vulnerabilities DHTML (Dynamic HTML) DilDog dipole antennas directory traversals, detecting disabling unnecessary router services disaster recovery policies

discovering firewall configurations

     through firewalking     with ACK scan DMZ (demilitarized zone), securing network architecture

documentation

     Appendixes

     Executive Summary 2nd

         sample     Project Scope

     Results Analysis domain model

dominant behavior classification (D.I.S.C.) Donald Dick DoS (denial of service) attacks 2nd     case study     DDoS

     detecting

         with appliance firewalls

         with host-based IDSs

         with signature-based network IDSs

     detecting on wireless networks

     Fraggle attacks

     LAND attacks

     Ping of Death

     preventing

         through application hardening

         through network hardening

     protocol exceptions

     Smurf attacks

     SYN floods     tools for executing 2nd

         Datapool

         Hgod

         Jolt2

downloading websites for offline viewing DSSS (Direct Sequence Spread Spectrum) DStumbler

DTD (Document Type Definition) dumb scans dumpster diving     obtaining company information